Authentication is the process through which the user claims his or her identity and the server validates that identity. A user must supply some information, such as a username and password, that a server can use to identify the user. With today’s fast-paced technology, other information can also be used, such as fingerprints, smartcards, voice detection, and retina scans.
Once the user proves his or her identity, the next step in the access control process is determining whether the user has permission to access the data or information they are trying to access. This process of checking the authenticated user’s permissions is called authorization. Together, authentication and authorization make up the complete access control model.
In a Windows environment, all authentication and authorization data are kept on domain controllers, in the directory service known as Active Directory (AD). Whenever an authentication or authorization request is received by another computer within AD, the request is passed to a domain controller for verification. Therefore, keeping domain controller servers secure is critical to ensuring the security of your network.